On 28/08/18 17:05, Suzy Ariyani ([email protected]) wrote:
> Yesterday and today there has been a problem with email delivery from HSBC to
> ptbmi.com –> [email protected] and [email protected]
> This is the email header:


What I need to see is the mail transaction from the sender hsbc.com.sg in the
smtp-in log of bb.ptbmi.com.

However, my strong suspicion is that the sender host connected to bb.ptbmi.com
but did not send the mail data, because as far as I recall all HSBC servers
refuse to send mail to receivers that do not enable SMTP/TLS.

Enable SMTP/TLS on the bb.ptbmi.com server so that it can receive directly from
the HSBC family's servers.


https://www.mail-archive.com/[email protected]/msg43010.html
https://www.mail-archive.com/[email protected]/msg43011.html


> According to DNet Crew:
> Remote Server returned '<[202.148.25.131] #5.0.0 smtp; 550 Denied by policy. 
> TLS conversation required.>'
> Based on the log we received from you, ma'am, the above explains that the email from HSBC 
> was rejected because of "denied by policy" by bb.ptbmi.com


That should not be the case, though.
See the test results below.

$ openssl s_client -debug -starttls smtp -crlf -connect bb.ptbmi.com:25
CONNECTED(00000003)

---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 270 bytes and written 324 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1535448396
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

SMTP/TLS on bb.ptbmi.com is not active.

Compare with this one (where SMTP/TLS is active).

$ openssl s_client -debug -starttls smtp -crlf -connect relayhost.dutaint.com:25
CONNECTED(00000003)

depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = dip32.dutaint.com
verify return:1

Certificate chain
 0 s:/CN=dip32.dutaint.com
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate

subject=/CN=dip32.dutaint.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA1
Server Temp Key: ECDH, P-521, 521 bits
---
SSL handshake has read 3675 bytes and written 574 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-SHA384
    Session-ID: F93B00004C13F135A549BCA119578F60ED565B9B8F5ED85CF64742D6F5C04D30
    Session-ID-ctx:
    Master-Key: 8941689FDF8A1D9A68CEC71E13C0C07900CC88606C4F1D0E54A91B322E1DA2B9155021969756DC5C6774CAA331970C6D
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1535453289
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
250 SIZE 35840000


-- 
syafril
-------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.5.0-64 bit Beta B
Please do not cc: or send to private mail for MDaemon issues.

Learning is not attained by chance, it must be sought for with ardour
and attended to with diligence.
        --- Abigail Adams
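
Added example, not part of the original message: a small Python parser that reads `openssl s_client -starttls smtp` output like the two runs quoted above and reports whether a TLS session was actually negotiated. The sample inputs are excerpts of those two outputs; the function name and result keys are assumptions of this example.

```python
import re

def summarize_s_client(output: str) -> dict:
    """Summarize the text output of `openssl s_client -starttls smtp`."""
    def first(pattern):
        m = re.search(pattern, output, re.MULTILINE)
        return m.group(1).strip() if m else None

    cipher = first(r"^New, .*Cipher is (.+)$")
    subject = first(r"^subject=(.+)$")
    no_cert = "no peer certificate available" in output
    # "Protocol : TLSv1.2" and "Verify return code: 0 (ok)" appear in BOTH
    # outputs in the message, so they are deliberately not used as evidence.
    negotiated = (cipher not in (None, "(NONE)")) and not no_cert and subject is not None
    return {
        "tls_negotiated": negotiated,
        "cipher": cipher if negotiated else None,
        "subject": subject,
        "issuer": first(r"^issuer=(.+)$"),
        "verify": first(r"^\s*Verify return code: (.+)$"),
    }

# Excerpt of the bb.ptbmi.com output quoted in the message (STARTTLS not active).
NO_TLS = """CONNECTED(00000003)
---
no peer certificate available
---
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Verify return code: 0 (ok)
"""

# Excerpt of the relayhost.dutaint.com output quoted in the message (STARTTLS active).
WITH_TLS = """CONNECTED(00000003)
subject=/CN=dip32.dutaint.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-SHA384
    Verify return code: 0 (ok)
"""

if __name__ == "__main__":
    for name, text in (("bb.ptbmi.com", NO_TLS), ("relayhost.dutaint.com", WITH_TLS)):
        print(name, summarize_s_client(text))
```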


-- 
--[mdaemon-l]----------------------------------------------------------
This mailing list is for discussion among MDaemon Mail Server users in Indonesia

Netiquette: https://wiki.openstack.org/wiki/MailingListEtiquette
Archive: http://mdaemon-l.dutaint.com
Documentation: http://mdaemon.dutaint.co.id
Subscribe: Send mail to [email protected]
Unsubscribe: Send mail to [email protected]
Latest versions: MD 18.0.2, SG 5.5.0

